Published on June 23rd, 2021
Researcher, Mathy Vanhoef, has uncovered many startling flaws in WiFi specifications and WiFi implementations that may leave countless devices open to threats from cybercriminals. Dubbed, FragAttacks (fragmentation and aggregation attacks), the vulnerabilities are due to programming errors in WiFi products.
Alarmingly, the weaknesses affect all modern security protocols, from Wired Equivalent Privacy (WEP) to the latest and most secure Wi-Fi Protected Access 3 (WPA3) specification.
A skilled hacker can exploit these issues to steal sensitive information or attack WiFi-capable devices and take them over. Hackers can also launch Frag Attacks against poorly configured websites and steal usernames and passwords.
Perhaps the most critical issue with Frag Attacks is that they allow threat actors to use rogue DNS servers. Hackers can redirect Wi-Fi devices to fraudulent websites through rogue DNS servers to deliver malicious payloads or spy on users.
A Silver Lining
The only bright side is that Frag Attacks require significant skill to execute. Additionally, the attacker needs to be close to the device. So, you can expect Frag Attacks to aim at big-ticket targets like financial institutions or large companies. However, this doesn’t mean that you’re invulnerable at the café, shopping mall, airport, or home.
How Do I Secure My Network?
You need to take several steps to secure your network, not just from FragAttacks but also from other, more common threats. Here are some tips that may help:
1. Subscribe to a Virtual Private Network (VPN)
Although a VPN won’t stop a bad actor from circumventing your router’s firewall, it will protect your data. So, what’s a VPN? How does it secure your network? In a nutshell, a VPN is a private network between your device and the Internet that’s routed through an encrypted network tunnel to a secure VPN server.
You should subscribe to a good VPN service that uses the latest VPN protocol like WireGuard for fast and secure connections. Please don’t make the mistake of trying free VPNs because they carry security flaws and spy on users.
2. Set a Strong Password
Although Frag Attacks can breach firewalls, you should still have one up as a line of defense. Enable your router’s firewall and your operating system’s firewall with a sophisticated password to enhance your network defenses.
3. Avoid Outdated Operating Systems
Mathy Vanhoef shows how dangerous Frag Attacks can be against outdated operating systems like Windows 7 that Microsoft no longer supports.
It’s a good idea to use latest operating system from Microsoft or Apple to receive regular security updates that stop hackers from utilizing exploits.
4. Don’t Visit Dodgy Websites
It’s a good idea to visit websites that only use HTTPS to mitigate FragAttacks. But please note that HTTPS websites aren’t guaranteed to be safe.
Although HTTPS enhances network security, phishers can use encrypted websites to lull you into a false sense of security. Even on a website with the iconic padlock, you must watch out for other red flags.
For example, if a website looks unprofessional, asks for private information needlessly, or displays any other suspicious signs, you must close it immediately.
Security updates for Frag Attacks may already be available for your device. Update your hardware and software and follow the right habits to shield your data.